package com.hanqi.util.shiro;

import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.hanqi.entity.SysUser;
import com.hanqi.service.SysFuncsService;
import com.hanqi.service.SysMenuFuncService;
import com.hanqi.service.SysRoleService;
import com.hanqi.service.SysUserService;
import org.apache.shiro.authc.*;
import org.apache.shiro.authc.credential.CredentialsMatcher;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;

import java.util.List;

import static com.hanqi.util.shiro.ShiroUtil.HASH_ALGORITHM_SHA256;
import static com.hanqi.util.shiro.ShiroUtil.HASH_ITERATIONS;

public class UserRealm extends AuthorizingRealm {

    @Autowired
    protected SysUserService sysUserService;

    @Autowired
    protected SysRoleService sysRoleService;

    @Autowired
    protected SysMenuFuncService sysMenuFuncService;

    /**
     * 用户验证
     *
     * @param token
     * @return
     * @throws AuthenticationException
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        UsernamePasswordToken userToken = (UsernamePasswordToken) token;
        String uname = userToken.getUsername();

        QueryWrapper<SysUser> wrapper = new QueryWrapper<>();
        wrapper.eq("uname", uname);
        SysUser user = sysUserService.getOne(wrapper);

        if (user == null) {
            throw new UnknownAccountException();
        }

        return new SimpleAuthenticationInfo(user, user.getPword(), user.getSaltSouce(), getName());
    }

    /**
     * 授权:
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        // 获取登录用户名
        SysUser sysUser = (SysUser) principalCollection.getPrimaryPrincipal();
        String userId = sysUser.getId();

        // 添加角色和权限
        SimpleAuthorizationInfo simpleAuthorizationInfo = new SimpleAuthorizationInfo();

        // 角色权限代码列表
        List<String> rolesPermissions = sysRoleService.listRolePermissionsByUserId(userId);
        simpleAuthorizationInfo.addRoles(rolesPermissions);

        // 功能权限代码列表
        List<String> funcsPermissions = sysMenuFuncService.listFuncPermissionsByUserId(userId);
        simpleAuthorizationInfo.addStringPermissions(funcsPermissions);

        return simpleAuthorizationInfo;
    }

    /**
     * 配置加密规则
     *
     * @param credentialsMatcher
     */
    @Override
    public void setCredentialsMatcher(CredentialsMatcher credentialsMatcher) {
        HashedCredentialsMatcher shaCredentialsMatcher = new HashedCredentialsMatcher();
        shaCredentialsMatcher.setHashAlgorithmName(HASH_ALGORITHM_SHA256);
        shaCredentialsMatcher.setHashIterations(HASH_ITERATIONS);
        super.setCredentialsMatcher(shaCredentialsMatcher);
    }

}